I am trying to achieve a use case where on installing an app, all print services barring one would get disabled on the Android device.
To achieve this, I looked into Android's Device Administration API capabilities but that doesn't fulfill the use case. I also looked into Google's Android for Work framework and arrived at the following observations / possible solutions -
By setting up managed profiles (work profile): This was introduced from Android 5.0 but can only manage the listed/enterprise controlled and has no control over other apps as mentioned in the below links -
https://developers.google.com/android/work/build-dpc
https://developer.android.com/work/managed-profiles.html
By writing a Device Policy Controller (DPC) app: To achieve the specific use-case the DPC would have to run as the device owner in which case the provisioning needs to be done via NFC and is not straightforward. Also, this scenario is generally meant for corporate owned, single use (COSU) devices.
So my questions/doubts here are -
Is there any straightforward way in which this use case can be achieved?
Is this even achievable as it violates the Android Security model?
You should write your custom DPC. Right now you can do provisioning using several methods. If you have devices which use Android 7 and above you can use QR code provisioning which is quite convenient. For this purpose you can upload your dpc apk to a remote server and write information about the server, application DeviceAdminReceiver and apk checksum to QR code (you can take this QR code as example).
You can check to google awesome project TestDPC which will give your deep understanding of what is DPC and how can you use it.
You can read more about provisioning methods in android documentation. Also if you can contact the manufacturer of devices you can ask him to preinstall your custom dpc.
It is achievable and doesn't violate Android Security model because during provisioning your dpc app it get Device Owner (root). So you can do anything without any restrictions. Here you can check device owner API and possibilities. Also take a look at TestDPC source code and you will understand that nothing is impossible with Device owner mode :)
Related
I want to build an app to transfer message history between iOS and Android.
Apple does not allow third party apps to access messages, but Samsung Smart Switch circumvents this by using either phone-to-phone USB connection or by accessing iCloud. Google phone transfer seems to do a similar thing.
How do these apps make this possible and is this something third party developers can do?
I don't think you can transfer things over like that from Android to Apple iPhone unless they give you the option when you are first setting up the iPhone to transfer contents over from android and it also transfers the messages.
Another option though it's been a long time since I have used an Android device. You could use something like https://messages.google.com/web to load up your android messages from your phone and possibly just export them and save them to your computer.
As for developing such a tool, working within the messages API for apple. I think you can only develop extensions or addons but can't directly access the content for security reasons. Without further research, the companies might be only allowing the company to do this via a contract between them, but would not let a 3rd party vendor such as you or I access this data.
https://developer.apple.com/app-store/review/guidelines/
Nowhere in the guidelines does it specify that you can't access the SMSes. But you can only access it if you use private methods which are not allowed and will get your app rejected.
You can only access data for which Apple supplies a documented API. You can not access files outside of the Sandbox of your App unless Apple provides an API for it.
I am creating a personal application that can locally manage/control an android device. In particular, I want to be able to do things such as lock down the device, enforce password policies, and wipe the device according to the local state of the device. I have reviewed a number of possible ways of doing this, but that is where I run into trouble.
According to this documentation, DeviceAdmin is essentially deprecated (i.e. the device must be Managed or have Managed Profile to access most of the DeviceAdmin API).
According to this documentation, creating a custom Device Policy Controller (DPC) is essentially deprecated. Side note: from context I am assuming a DPC is essentially a DeviceAdmin with a Managed device/profile but I can't find anywhere that explicitly states that (please correct me if I am wrong).
And finally I'm lead to the Android Management API, which at first seems to be what I want. Until I go through the quickstart and find out that I have to create a server and manage the device through a client-server relationship. As a reminder, I am looking for a way to locally manage the device. Now there are release notes indicating that local management may be coming in the future, but that is not now.
So here is my question: is there a currently supported way to locally manage a device?
I am aware of a developer hack that can set an application as a device owner. And while this may be able to work for my personal use, that seems like a pretty big hole in terms of enterprise management.
It is correct that, as of today, Android Enterprise has no way to manage a device locally. There is an open feature request to add support for the local execution of commands as part of our push for extensibility integration with the AMAPI SDK. But as mentioned, it is not currently supported.
Despite Android Enterprise no longer accepting new registrations/validations for custom device policy controllers (DPCs), developers can still build a device policy controller to lock down a device, enforce password policies, and wipe the device according to the local device state. You can still build one and deploy it to your device with a QR or NFC. That said, it's important to note that the DPC would NOT be able to use the Play EMM APIs (so, no app management via the Play Store). This limitation may disqualify the solution for you.
AWS has a 'remote-desktopy' feature (https://aws.amazon.com/blogs/aws/aws-device-farm-update-remote-access-to-devices-for-interactive-testing/) as part of its device farm, but it is far too slow to use in browser. Does anyone know if there is a programmatic/CLI way to interact with that system?
I would like to test the functionality of a third party app on a cloud based mobile testing platform such as Firebase Test Lab, or AWS device farm. I have no way to instrument this app.
The testing requires I download two apps on the device (one is the app to be tested, the second has a supporting function). At the start of the test I have to launch the support app, and then switch over to the app I am testing. I imagine the only way to do this is via the device's 'home' button. The actual testing is just a set of basic UI interactions.
Does the Firebase Test lab or other platform have a feature that I could use to do this?
If there was a way to extract events from the AWS remote-desktop, I could see an approach using a selenium/other webdriver. But I am not sure this a real option.
Any thoughts on this are appreciated.
Thanks!
"The UI Automator APIs allow you to write robust tests without needing to know about the implementation details of the app that you are targeting. You can use these APIs to capture and manipulate UI components across multiple apps" (documentation)
To tap the Home button you can use UiDevice.pressHome().
I am trying to develop a Mobile Device Management Application. I have so far implemented native or basic restrictions (policies) based on http://developer.android.com/guide/topics/admin/device-admin.html
Now I want more access to the device to put more restrictions, I searched and found a page which is almost exactly same for what I want to implement. Below is the page:
http://www.manageengine.com/products/desktop-central/help/mobile_device_management/mdm_android_restrictions.html
I understand that almost all of these require the device to be SAFE. Once I have the SAFE device then where can I find any documentation or source code or samples where I can see how these restrictions are getting implemented in code. I am unable to find any such thing so far. There must be some API or tutorials etc to guide on implementing these.
Please guide me on how to implement these on SAFE device.
You need to register to Samsung Safe program. As soon as you will be member you will have access to
Documentation
Examples
Special API token which will allow you to call these API's
This is regarding google apps Device Management policy third party application which I got from android market in 2.2 .
I registered an account in Google Apps domain in order to use this account for enabling device management policies. I need to know the process in which remote wipe out feature can be achieved using this application in an enterprise manner. I need to login as an administrator in this application and need to wipe out the user secured data in his device on his request.
Is there a way in which I can achieve this using this 3rd party application?
I will be waiting for reply with the process in which this application can be used in Enterprise scenario.
Thanks in Advance.
If you are looking for device management in an enterprise scenario, you might want to take a look at Oracle Database Lite Mobile Server.
It provides enterprise device management features, including the ability to remotely wipe data on the client. However it does much more than that. It also includes a configurable two-way data sync engine and a management console for provisioning and monitoring devices. You can read more about it, and even try it out here:
http://bit.ly/eJOzhN
Maybe overkill for what you’re trying to do, but if you also need to provision applications and sync data between your devices and a backend database, this could be an ideal solution for you.
Good luck, hope you find a solution that meets your needs.
-- Eric
Your question is not programming related.
Please use:
https://android.stackexchange.com/
for Android superuser type questions.